CVE Vulnerabilities

CVE-2014-0675

Published: Jan 23, 2014 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificates trust relationship, aka Bug ID CSCue07471.

Affected Software

Name Vendor Start Version End Version
Telepresence_video_communication_server Cisco - (including) - (including)

References